Imports System
Imports System.Data.SqlTypes
Imports System.Data
Imports System.Data.SqlClient
Imports System.Runtime.InteropServices
Imports System.Configuration
Imports System.Text

Public Class UserSessionManager
    Public DBConnectstring As String
    Public SessionID As String
    Public pagename As String
    Public Password As String
    Public ServerIP As String
    Public ServerTime As String
    Public SourceIP As String
    Public bLastactivity As Date
    'Private objData As viaAudit.AuditEvent
    Private oAudit As gaAudit.AuditEvent
    Private x As Long
    Public sErrMsg As String
    Dim _getSessionVar(10) As String
    'Public ErrMsg As String
    Public Property getSessionVar() As String()
        Get
            Return Me._getSessionVar
        End Get
        Set(ByVal Value As String())
            _getSessionVar = Value
        End Set
    End Property
    Public Function LogInUser(ByVal uid As String, ByVal gid As Integer, ByVal cid As Integer, ByVal pwd As String) As String
        Dim Conn As SqlConnection = New SqlConnection(DBConnectstring)
        Dim Adapter As SqlDataAdapter
        Dim Cmd As SqlCommand
        Dim Rst As New DataSet
        Dim ErrMsg As String = ""
        'Dim oAudit As gaAudit.AuditEvent

        If LockedStatus(uid, gid, cid) Then
            sErrMsg = "ERROR: This account has been locked.  Please contact customer support."
            LogInUser = sErrMsg
            Exit Function
        End If

        SessionID = System.Guid.NewGuid.ToString
        SessionID = Mid(SessionID, 2, Len(SessionID) - 2)
        Conn.Open()
        Cmd = New SqlCommand("LogInUser", Conn)
        'Adapter = New SqlDataAdapter("LogInUser", Conn)
        'sqldataAdapter.SelectCommand.CommandType = CommandType.StoredProcedure
        'With Cmd
        '    .Parameters.Add("@i_sessionid", SessionID)
        '    .Parameters.Add("@i_cid", cid)
        '    .Parameters.Add("@i_gid", gid)
        '    .Parameters.Add("@i_uid", uid)
        '    .Parameters.Add("@i_Password", pwd)
        '    .CommandType = CommandType.StoredProcedure

        'End With
        Adapter = New SqlDataAdapter(Cmd)
        Dim ds As DataSet = New DataSet
        Adapter.Fill(ds, "login")
        Try

            If ds.Tables(0).Rows.Count > 0 Then
                _getSessionVar(0) = Rst.Tables(0).Rows(0).Item("session_id")
                _getSessionVar(1) = Rst.Tables(1).Rows(0).Item("company_id")
                _getSessionVar(2) = Rst.Tables(2).Rows(0).Item("gaportal_id")
                _getSessionVar(3) = Rst.Tables(3).Rows(0).Item("user_id")
                _getSessionVar(4) = Rst.Tables(4).Rows(0).Item("incidcontext")
                _getSessionVar(5) = Rst.Tables(5).Rows(0).Item("ingidcontext")
                _getSessionVar(6) = Rst.Tables(6).Rows(0).Item("logindatetime")
                _getSessionVar(7) = Rst.Tables(7).Rows(0).Item("lastactivity")
                _getSessionVar(8) = Rst.Tables(8).Rows(0).Item("userpermissionsstring")
                Adapter.Dispose()

            Else
                ErrMsg = "User login Failed"

            End If


            Loginevent(ErrMsg, uid, gid, cid)
            'If Len(ErrMsg) = 0 Or IsNothing(ErrMsg) Then
            '    LogInUser = SessionID
            'Else
            '    LogInUser = "1"
            'End If

        Catch ex As SqlException
            'Dim strErrEx As String = ""
            'Dim strTDErr As String
            Dim i As Integer = 0

            For i = 0 To ex.Errors.Count - 1
                ErrMsg = ex.Errors(i).Message.ToString()
            Next i
            ''/**use this code to debug**//

            LogErrorEvent(ErrMsg)

        Finally
            If Not (Conn Is Nothing) Then
                Conn.Close()
            End If
        End Try
        If Len(ErrMsg) = 0 Or IsNothing(ErrMsg) Then
            LogInUser = SessionID
        Else
            LogInUser = "1"
        End If
    End Function

    Public Function LogInNewUser(ByVal arrRegvalues() As String) As Integer

        Dim objConn As SqlConnection = New SqlConnection(DBConnectstring)
        Dim ErrMsg As String
        'Dim sessid As String
        Dim GID As Integer

        objConn.Open()
        Try
            Dim objCmd As SqlCommand = New SqlCommand("RegisterNewUser", objConn)
            objCmd.CommandType = CommandType.StoredProcedure

            With objCmd
                '.Parameters.Add("@i_GAPortal_ID", Nothing)
                '.Parameters(0).SqlDbType = SqlDbType.Int
                '.Parameters(0).Direction = ParameterDirection.Output
                '.Parameters.Add("@i_UID", Trim(arrRegvalues(8)))
                '.Parameters.Add("@i_companyNM", Trim(arrRegvalues(0)))

                '.Parameters.Add("@i_country_Code", Trim(arrRegvalues(1)))

                '.Parameters.Add("@i_fname", Trim(arrRegvalues(2)))

                '.Parameters.Add("@i_lname", Trim(arrRegvalues(3)))

                '.Parameters.Add("@i_telephone", Trim(arrRegvalues(4)))

                '.Parameters.Add("@i_email", Trim(arrRegvalues(5)))

                '.Parameters.Add("@i_member_type", Trim(arrRegvalues(6)))

                '.Parameters.Add("@i_password", Trim(arrRegvalues(7)))

                '.Parameters.Add("@i_roleID", CInt(arrRegvalues(9)))

                '.Parameters.Add("@i_supervisor", Trim(arrRegvalues(10)))

            End With
            objCmd.ExecuteNonQuery().ToString()
            GID = objCmd.Parameters(0).Value
            objConn.Close()

            'oAudit = New gaAugit.AuditEvent

            oAudit.DBConnectString = DBConnectstring
            oAudit.SESSION_USER_ID = Trim(arrRegvalues(8))
            oAudit.SESSION_GAPORTAL_ID = GID
            oAudit.SESSION_COMPANY_ID = 0
            oAudit.AFFECTED_USER_ID = Trim(arrRegvalues(8))
            oAudit.AFFECTED_GAPORTAL_ID = GID
            oAudit.AFFECTED_COMPANY_ID = 0
            oAudit.AddInfo(68, ServerIP)
            oAudit.AddInfo(69, ServerTime)
            oAudit.AddInfo(70, SourceIP)
            If GID > 0 Then
                oAudit.EventID = 8 'register successful
                x = oAudit.SaveEvent()
                Return GID
            Else
                oAudit.EventID = 9 'register failed
                x = oAudit.SaveEvent()
                Return 1
            End If


        Catch ex As SqlException
            Dim i As Integer = 0

            For i = 0 To ex.Errors.Count - 1

                ErrMsg = ex.Errors(i).Message.ToString()
            Next i
        Finally
            objConn.Close()
        End Try

        Return 1
    End Function
    Private Sub Loginevent(ByVal strEvtDsc As String, ByVal UID As String, ByVal GID As Integer, ByVal CID As Integer)
        '//**************************************
        Dim Dr As SqlDataReader
        Dim strErr As String = ""
        Dim sSQL As String
        Dim sPerm As String
        'oAudit = New gaAugit.AuditEvent

        oAudit.DBConnectString = DBConnectstring
        oAudit.SESSION_USER_ID = UID
        oAudit.SESSION_GAPORTAL_ID = GID
        oAudit.SESSION_COMPANY_ID = CID
        oAudit.AFFECTED_USER_ID = UID
        oAudit.AFFECTED_GAPORTAL_ID = GID
        oAudit.AFFECTED_COMPANY_ID = CID
        oAudit.AddInfo(68, ServerIP)
        oAudit.AddInfo(69, ServerTime)
        oAudit.AddInfo(70, SourceIP)
        Try
            If Len(Trim(strEvtDsc)) = 0 Or IsNothing(strEvtDsc) Then
                'LogInUser = SessionID
                '-----  If this is an 'E' level account, it needs
                '       to have the Permission String compiled.

                sPerm = ""
                sSQL = ""
                sSQL = sSQL & "select "
                sSQL = sSQL & "     PERMISSION_TYPE_ID "
                sSQL = sSQL & "from "
                sSQL = sSQL & "     USER_PERMISSIONS "
                sSQL = sSQL & "where "
                sSQL = sSQL & "     COMPANY_ID = " & CID & " and "
                sSQL = sSQL & "     GAPORTAL_ID = '" & GID & "' and "
                sSQL = sSQL & "     USER_ID = '" & UID & "'"

                Dr = GetDataReader(DBConnectstring, sSQL, strErr)
                If Len(strErr) > 0 Or IsNothing(strErr) Then
                    Do While Dr.Read()
                        If Not IsNothing(Dr.GetString(0)) Then
                            sPerm = sPerm & "&" & Dr.GetString(0) & "&"
                        End If

                    Loop
                Else
                    LogErrorEvent(strErr)
                End If

                If Len(sPerm) > 0 Then
                    sSQL = ""
                    sSQL = sSQL & "update USERSESSIONMNGR set "
                    sSQL = sSQL & "USERPERMISSIONSSTRING = '" & sPerm & "' "
                    sSQL = sSQL & "where SESSION_ID = '" & SessionID & "'"
                    CallExecuteSQL(DBConnectstring, sSQL, strErr)
                End If

                oAudit.EventID = 1  '------ Successful Login 8--register
                x = oAudit.SaveEvent()
                'oAudit = Nothing

            Else
                'LogInUser = "ERROR: " & sErrMsg
                oAudit.EventID = 2  '-----  Failed Login 9--failed register
                x = oAudit.SaveEvent()
            End If

        Catch ex As SqlException
            'ErrMessage("InsertUserSQL", ex.Message)
            strErr = ex.Message
            LogErrorEvent(strErr)
        End Try
    End Sub

    Public Function GetSessionVars() As String()
        ''On Error GoTo ProgramErrorHandler

        Dim Cmd As New SqlCommand
        Dim Conn As New SqlConnection(DBConnectstring)
        Dim dr As SqlDataReader
        Dim sqlAdpt As New SqlDataAdapter(Cmd)
        Dim DS As New DataSet
        'Conn = CreateObject("adodb.connection")
        'Cmd = CreateObject("adodb.command")
        'Rst = CreateObject("adodb.recordset")
        Dim sErr As String = ""
        Dim aSessionVars(12) As String
        Dim dLastActivTime As Date
        Dim sSQL As String = ""
        sSQL = sSQL & "select "
        sSQL = sSQL & "     LastActivity "
        sSQL = sSQL & "from "
        sSQL = sSQL & "     USERSESSIONMNGR "
        sSQL = sSQL & "where "
        sSQL = sSQL & "     session_id = '" & SessionID & "'"
        Try
            dr = GetDataReader(DBConnectstring, sSQL, sErr)
            If Len(sErr) = 0 Or IsNothing(sErr) Then
                Do While dr.Read()
                    If Not IsNothing(dr.GetString(0)) Then
                        dLastActivTime = dr.GetDateTime(0)
                        Exit Do
                    Else
                        dLastActivTime = Nothing
                    End If
                Loop
            Else
                LogErrorEvent(sErr)
            End If
            '===========
            With Cmd
                .Connection = Conn
                .CommandType = CommandType.StoredProcedure
                .CommandText = "GetSessionVars"
                .Parameters.Add(New SqlParameter("@i_sessionid", SqlDbType.VarChar, 40)).Value = SessionID
                .Parameters.Add(New SqlParameter("@o_errormsg", SqlDbType.NVarChar, 255)).Direction = ParameterDirection.Output

            End With
            sqlAdpt.SelectCommand.CommandType = CommandType.StoredProcedure
            sqlAdpt.Fill(DS, "GetSessionVars")
            If DS.Tables(0).Rows.Count > 0 Then
                '------------------------------------------------------------------------
                'Returns a message to the calling ASP page.

                '------------------------------------------------------------------------
                If Cmd.Parameters("o_ERRORMSG").Value > 0 Or Not IsNothing(Cmd.Parameters("o_ERRORMSG").Value) Then

                    sErr = Cmd.Parameters("o_ERRORMSG").Value
                    'Audit forced logout event
                    ' oAudit = New gaAugit.AuditEvent
                    oAudit.DBConnectString = DBConnectstring
                    oAudit.EventID = 19  '------ forced logout
                    oAudit.SESSION_USER_ID = DS.Tables(0).Rows(0).Item("user_id")
                    oAudit.SESSION_GAPORTAL_ID = DS.Tables(0).Rows(0).Item("viaklix_id")
                    oAudit.SESSION_COMPANY_ID = DS.Tables(0).Rows(0).Item("company_id")
                    If IsNothing(DS.Tables(0).Rows(0).Item("invidcontext")) Then
                        oAudit.AFFECTED_USER_ID = DS.Tables(0).Rows(0).Item("user_id")
                        oAudit.AFFECTED_GAPORTAL_ID = DS.Tables(0).Rows(0).Item("viaklix_id")
                        oAudit.AFFECTED_COMPANY_ID = DS.Tables(0).Rows(0).Item("company_id")
                    Else
                        oAudit.AFFECTED_USER_ID = DS.Tables(0).Rows(0).Item("user_id")
                        oAudit.AFFECTED_GAPORTAL_ID = DS.Tables(0).Rows(0).Item("invidcontext")
                        oAudit.AFFECTED_COMPANY_ID = DS.Tables(0).Rows(0).Item("incidcontext")
                    End If
                    oAudit.AddInfo(68, ServerIP)
                    oAudit.AddInfo(69, ServerTime)
                    oAudit.AddInfo(70, SourceIP)
                    oAudit.AddInfo(72, pagename)
                    x = oAudit.SaveEvent()
                    oAudit = Nothing
                    'Rst = Nothing

                    Cmd = Nothing
                    Conn.Close()
                    Conn = Nothing
                    LogErrorEvent(sErr)
                    GetSessionVars = Nothing
                    Exit Function

                    '------------------------------------------------------------------------

                Else
                    aSessionVars(0) = DS.Tables(0).Rows(0).Item("SESSION_ID")
                    aSessionVars(1) = DS.Tables(0).Rows(0).Item("COMPANY_ID")
                    aSessionVars(2) = DS.Tables(0).Rows(0).Item("VIAKLIX_ID")
                    aSessionVars(3) = DS.Tables(0).Rows(0).Item("USER_ID")
                    aSessionVars(4) = DS.Tables(0).Rows(0).Item("INCIDCONTEXT")
                    aSessionVars(5) = DS.Tables(0).Rows(0).Item("INVIDCONTEXT")
                    aSessionVars(6) = DS.Tables(0).Rows(0).Item("LOGINDATETIME")
                    aSessionVars(7) = DS.Tables(0).Rows(0).Item("LASTACTIVITY")
                    aSessionVars(8) = DS.Tables(0).Rows(0).Item("USERPERMISSIONSSTRING")
                    'aSessionVars(9) = Rst("TERMINAL_PIN")
                    'aSessionVars(10) = Rst("TERMINAL_NAME")
                    'aSessionVars(11) = Rst("TERMINAL_NUMBER")
                    'aSessionVars(12) = Rst("MARKET")

                    If DateDiff("s", dLastActivTime, aSessionVars(7)) > 600 Then
                        sErr = " Session has been expired"
                        'LogErrorEvent(sErr)
                        'GetSessionVars()
                        'Audit forced logout event
                        'oAudit = CreateObject("viaAudit.AuditEvent")
                        oAudit.DBConnectString = DBConnectstring
                        oAudit.EventID = 19  '------ forced logout
                        oAudit.SESSION_USER_ID = DS.Tables(0).Rows(0).Item("user_id")
                        oAudit.SESSION_GAPORTAL_ID = DS.Tables(0).Rows(0).Item("viaklix_id")
                        oAudit.SESSION_COMPANY_ID = DS.Tables(0).Rows(0).Item("company_id")
                        If IsNothing(DS.Tables(0).Rows(0).Item("invidcontext")) Then
                            oAudit.AFFECTED_USER_ID = DS.Tables(0).Rows(0).Item("user_id")
                            oAudit.AFFECTED_GAPORTAL_ID = DS.Tables(0).Rows(0).Item("viaklix_id")
                            oAudit.AFFECTED_COMPANY_ID = DS.Tables(0).Rows(0).Item("company_id")
                        Else
                            oAudit.AFFECTED_USER_ID = DS.Tables(0).Rows(0).Item("user_id")
                            oAudit.AFFECTED_GAPORTAL_ID = IsNothing(DS.Tables(0).Rows(0).Item("invidcontext"))
                            oAudit.AFFECTED_COMPANY_ID = DS.Tables(0).Rows(0).Item("incidcontext")
                        End If
                        oAudit.AddInfo(68, ServerIP)
                        oAudit.AddInfo(69, ServerTime)
                        oAudit.AddInfo(70, SourceIP)
                        oAudit.AddInfo(72, pagename)
                        x = oAudit.SaveEvent()
                        oAudit = Nothing
                        LogErrorEvent(sErr)
                        GetSessionVars = Nothing
                    Else
                        GetSessionVars = aSessionVars

                    End If
                End If
            Else
                sErr = "No session variable found"
                LogErrorEvent(sErr)
                GetSessionVars = Nothing
            End If
        Catch ex As SqlException

            Dim i As Integer = 0

            For i = 0 To ex.Errors.Count - 1
                sErr = ex.Errors(i).Message.ToString()
            Next i
            ''/**use this code to debug**//

            LogErrorEvent(sErr)
            GetSessionVars = Nothing
        Finally
            If Not (Conn Is Nothing) Then
                Conn.Close()
            End If
        End Try

    End Function

    Public Function LogOutUser() As String

        Dim Cmd As New SqlCommand
        'Dim Conn As SqlConnection
        'Conn = CreateObject("adodb.connection")
        'Cmd = CreateObject("adodb.command")
        Dim sErr As String
        Try
            With Cmd
                ' .Connection = Conn
                .CommandType = CommandType.StoredProcedure
                .CommandText = "LogOutUser"
                .Parameters.Add(New SqlParameter("@i_sessionid", SqlDbType.VarChar, 40)).Value = SessionID
                .Parameters.Add(New SqlParameter("@o_errormsg", SqlDbType.NVarChar, 255)).Direction = ParameterDirection.Output

            End With
            Cmd.Connection.Open()
            Cmd.ExecuteNonQuery()
            'Conn.Open(DBConnectstring)
            'Cmd.ActiveConnection = Conn
            'Cmd.CommandType = adCmdStoredProc
            'Cmd.CommandText = "VIAKLIX_SESSION.LogOutUser"
            'Cmd.Parameters.Append(Cmd.CreateParameter("o_sessionid", adVarChar, adParamInput, 40, SessionID))
            'Cmd.Parameters.Append(Cmd.CreateParameter("o_errormsg", adVarChar, adParamOutput, 255))
            'Cmd.Execute()

            '------------------------------------------------------------------------
            'Returns a message to the calling ASP page.
            '------------------------------------------------------------------------
            If Not IsNothing(Cmd.Parameters("o_ERRORMSG")) Then

                'Debug.Print("Error Msg = " & Cmd.Parameters("o_ERRORMSG"))
                sErr = Cmd.Parameters("o_ERRORMSG").Value
                LogErrorEvent(sErr)
                LogOutUser = "ERROR: " & sErr
                Exit Function
            Else
                LogOutUser = "OK"
            End If
            '------------------------------------------------------------------------
        Catch ex As SqlException

            Dim i As Integer = 0

            For i = 0 To ex.Errors.Count - 1
                sErr = ex.Errors(i).Message.ToString()
            Next i
            ''/**use this code to debug**//

            'LogErrorEvent(sErr)
            'LogOutUser = "ERROR: " & sErr
        Finally
            'If Not (Conn Is Nothing) Then
            '    Conn.Close()
            'End If
        End Try
        Return Nothing

    End Function

    Public Function ChangeUserContext(ByVal CID As Integer, ByVal VID As String, ByVal UID As String) As String

        Dim Cmd As SqlCommand
        Dim Conn As SqlConnection = Nothing
        'Conn = CreateObject("adodb.connection")
        'Cmd = CreateObject("adodb.command")
        Dim sErr As String = ""
        Try
            Cmd = New SqlCommand
            With Cmd
                .Connection = Conn
                .CommandType = CommandType.StoredProcedure
                .CommandText = "ChangeUserContext"
                .Parameters.Add(New SqlParameter("@o_sessionid", SqlDbType.VarChar, 40)).Value = SessionID
                .Parameters.Add(New SqlParameter("@i_cid", SqlDbType.Int, 4)).Value = CID
                .Parameters.Add(New SqlParameter("@i_vid", SqlDbType.VarChar, 15)).Value = VID
                .Parameters.Add(New SqlParameter("@o_errormsg", SqlDbType.NVarChar, 255)).Direction = ParameterDirection.Output

            End With
            Cmd.Connection.Open()
            Cmd.ExecuteNonQuery()
            'Conn.Open(DBConnectstring)
            'Cmd.ActiveConnection = Conn
            'Cmd.CommandType = adCmdStoredProc
            'Cmd.CommandText = "VIAKLIX_SESSION.ChangeUserContext"
            'Cmd.Parameters.Append(Cmd.CreateParameter("o_sessionid", adVarChar, adParamInput, 40, SessionID))
            'Cmd.Parameters.Append(Cmd.CreateParameter("i_cid", adInteger, adParamInput, 4, CID))
            'Cmd.Parameters.Append(Cmd.CreateParameter("i_vid", adVarChar, adParamInput, 15, VID))
            'Cmd.Parameters.Append(Cmd.CreateParameter("o_errormsg", adVarChar, adParamOutput, 255))
            'On Error Resume Next
            'Cmd.Execute()

            '------------------------------------------------------------------------
            'Returns a message to the calling ASP page.
            '------------------------------------------------------------------------
            If Not IsNothing(Cmd.Parameters("o_ERRORMSG")) Then

                'Debug.Print("Error Msg = " & Cmd.Parameters("o_ERRORMSG"))
                sErr = Cmd.Parameters("o_ERRORMSG").Value

                'Debug.Print("Error Msg = " & Cmd.Parameters("o_ERRORMSG"))
                sErr = Cmd.Parameters("o_ERRORMSG").Value
                LogErrorEvent(sErr)
                ChangeUserContext = "ERROR: " & sErr

            Else
                ChangeUserContext = "OK"
            End If
        Catch ex As SqlException

            Dim i As Integer = 0

            For i = 0 To ex.Errors.Count - 1
                sErr = ex.Errors(i).Message.ToString()
            Next i
            ''/**use this code to debug**//

            LogErrorEvent(sErr)
            ChangeUserContext = "ERROR: " & sErr
        Finally
            If Not IsNothing(Conn) Then
                Conn.Close()
            End If
        End Try

    End Function

    Private Function LockedStatus(ByVal UID As String, ByVal GID As Integer, ByVal CID As Integer) As Boolean
        Dim bLocked As Boolean
        Dim nCount As Integer
        Dim dr As SqlDataReader
        Dim sErr As String = ""
        Dim sSQL As String = ""
        If UID <> "000000" Then
            nCount = 0
            sSQL = "SELECT Event_ID "
            sSQL = sSQL & "FROM (select Event_ID, DateTime "
            sSQL = sSQL & "FROM Audits "
            sSQL = sSQL & "WHERE ((Event_ID = 1 or Event_ID = 2) and "
            sSQL = sSQL & "AFFECTING_USER_ID = '" & Replace(UID, "'", "''") & "' and "
            sSQL = sSQL & "AFFECTING_VIAKLIX_ID = '" & Replace(GID, "'", "''") & "' and "
            sSQL = sSQL & "AFFECTING_COMPANY_ID = " & CID & " )"
            sSQL = sSQL & "OR ( Event_ID = 20 AND "
            sSQL = sSQL & "AFFECTING_USER_ID = '" & Replace(UID, "'", "''") & "' and "
            sSQL = sSQL & "AFFECTING_VIAKLIX_ID = '" & Replace(GID, "'", "''") & "' and "
            sSQL = sSQL & "AFFECTING_COMPANY_ID = " & CID & " )"
            sSQL = sSQL & "ORDER BY DateTime desc) "
            sSQL = sSQL & "WHERE ROWNUM <= 3"
            Try
                dr = GetDataReader(DBConnectstring, sSQL, sErr)

                bLocked = True
                'dr.GetInt16(0)
                Do While dr.Read()
                    nCount = nCount + 1
                    If dr.GetInt16(0) <> 2 Then
                        bLocked = "False"
                    End If
                Loop

                If nCount >= 3 And bLocked = True Then
                    LockedStatus = True
                Else
                    LockedStatus = False
                End If

            Catch ex As SqlException

                Dim i As Integer = 0

                For i = 0 To ex.Errors.Count - 1
                    sErr = ex.Errors(i).Message.ToString()
                Next i
                ''/**use this code to debug**//

                LogErrorEvent(sErr)
                LockedStatus = False

            End Try
        Else
            LockedStatus = False
            Exit Function
        End If
    End Function



    Public Sub LogErrorEvent(ByVal sOrigin As String)
        'Dim sErrMsg As String
        sErrMsg = ""
        sErrMsg = sErrMsg & "UserManagment.UserSessionManager" & sOrigin & vbCrLf
        sErrMsg = sErrMsg & "Source: " & Err.Source & vbCrLf
        sErrMsg = sErrMsg & "Number: " & Err.Number & vbCrLf
        sErrMsg = sErrMsg & "Description: " & Err.Description
        ''return public sErrMsg via call getError to aspx page
        'App.LogEvent(sErrMsg, vbLogEventTypeError)
        'Debug.Print(sErrMsg)
        'LogErrorEvent = sErrMsg
    End Sub
    Public Function GetError() As String
        GetError = sErrMsg
        Exit Function
    End Function

    'Public Function CheckPwdExp(ByVal UserID, ByVal viaKlixID, ByVal CompanyID) As Integer
    '    '-----  BW 1-25-01 Returns the number of days before the current
    '    '       password will expire.(3/14/02 xiuqin move this function to here)

    '    '-----  ExpDur dictates how many days in the lifespan of a password.
    '    'On Error GoTo ProgramErrorHandler
    '    Dim dDateLastPwd As Date
    '    Dim nNumDays As Integer
    '    'Dim RT As DataSet
    '    Dim dr As SqlDataReader
    '    Dim sErr As String = ""
    '    Dim sSQL As String = ""
    '    'Dim cExpDur As Integer
    '    Const cExpDur = 45
    '    '       1.  Get the DateTime of the most recent Password Change event for the
    '    '           specified merchant ( EventID 3 ).
    '    '       2.  If no event occurred, then get the DateTime when the merchant was
    '    '           created ( EventID 10 ).
    '    '       3.  Determine the number of days that have passed since that date. If
    '    '           for some reason no DateTime was found for either steps 1 or 2, use
    '    '           cExpDur as the number of days.
    '    '       4.  Subtract that number from cExpDur, rounding up to the nearest
    '    '           positive number ( 0 being the lowest ).

    '    sSQL = "SELECT DateTime "
    '    sSQL = sSQL & "FROM Audits "
    '    sSQL = sSQL & "where ( event_id = 3 or event_id = 8 or event_id = 10 ) and "
    '    sSQL = sSQL & "affecting_user_id = '" & UserID & "' and "
    '    sSQL = sSQL & "affecting_viaklix_id = '" & viaKlixID & "' and "
    '    sSQL = sSQL & "affecting_company_id = " & CInt(CompanyID) & " "
    '    'sSQL = sSQL & "ROWNUM <= 3 "
    '    sSQL = sSQL & "ORDER BY DateTime desc"
    '    'RT = CreateObject("ADODB.Recordset")
    '    Try
    '        dr = GetDataReader(DBConnectstring, sSQL, sErr)
    '        Do While dr.Read()
    '            If Not IsNothing(dr.GetString(0)) Then
    '                dDateLastPwd = dr.GetString(0)
    '                nNumDays = DateDiff("d", CDate(dDateLastPwd), Now())
    '            Else
    '                nNumDays = cExpDur
    '            End If
    '        Loop
    '        'RT.Open(sSQL, DBConnectstring, adOpenForwardOnly, adLockReadOnly)

    '        'If Not RT.EOF Then
    '        '    dDateLastPwd = RT.Fields(0).Value
    '        '    nNumDays = DateDiff("d", CDate(dDateLastPwd), Now())
    '        'Else
    '        '    nNumDays = cExpDur
    '        'End If
    '        'RT.Close()
    '        'RT = Nothing
    '        If cExpDur - nNumDays < 0 Then
    '            CheckPwdExp = 0
    '        Else
    '            CheckPwdExp = cExpDur - nNumDays
    '        End If

    '    Catch ex As SqlException

    '        Dim i As Integer = 0

    '        For i = 0 To ex.Errors.Count - 1
    '            sErr = ex.Errors(i).Message.ToString()
    '        Next i
    '        ''/**use this code to debug**//

    '        LogErrorEvent(sErr)


    '    End Try

    'End Function
End Class
